Application/Control Number: 09/845,125 



In The Claims 

5 Claim 1 (Currently amended) Method for the secure and controlled 
loading of applications onto a conventional file system smart 
card without the benefit of card based cryptographic services or 
a virtual machine such as Java card operating system 
customizations consisting of the following steps: 
10 preloading of a plurality of small binary files that will 

each store the current master "card unlock key" value 
where each binary file can be freely updated, but read 
only with the proper access authorization- 
access authorization to the single use binary files is 
15 selectively disclosed to third party application 

providers in order to grant access for application 
loading; 

application providers retrieve the current master "card 
unlock key" value from the binary file to which they 
20 have been given access; 

the master "card unlock key" is then used to unlock the 

card and ready it for application loading; 
after the card is loaded with the desired application, 
the master "card unlock key" value is changed to a 
25 random number and its new value rewritten to all of 

the binary files; 
the specific binary file from where the application 

provider first retrieved the master "card unlock key" 
file is then rendered unusable thereby restricting 
30 these as one time only keys. 

Claim 2 (Canceled) 

Claim 3 (Canceled) 
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Claim 4 (Canceled) 

Claim 5 (Currently amended) Method of claim 1 wherein a master 
"card unlock key" value for card unlock is randomly generated 
5 after each use and is therefore different for each card and each 
session - 

Claim 6 (Currently amended) Method of claim 1 further consisting 
of a second "card unlock key" known only to ^fcke a card issuer 
10 which could override any other card operations thereby allowing 
specific applications to be deactivated. 

Claim 7 (Original) Method of claim 1 wherein the said 
application loading can take place even after the card has been 
15 placed into circulation. 

Claim 8 (Original) Method of claim 1 wherein the said 
application loading is dynamic thereby affording greater 
flexibility than attempting to fit applications into a predefined 
20 card template. 

Claim 9 (Original) Method of claim 1 to also include the 
unloading of applications . 

25 Claim 10 (Currently amended) Method and system embodied as a 
software computer program for the Card Issuer to selectively 
empower third parties to be able to load applications to the 
smart card consisting of the following steps: 

assign to the third party a previously unallocated binary 
30 file that has been preloaded on the card; 

invoke the permission allocated to the third party for 

read access to their assigned binary file most likely 
in the form of presenting a key to the card; 
execute the master "card unlock key" value as read from 
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the binary file in order to unlock the card; 
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enable the creation of files and loading of application 

data to the card; 
derive a new master "card unlock key" and write this back 

to the remaining card binary files so that this method 
5 can be repeated . 

Claim 11 (Original) Method of claim 10 further consisting of a 
secure process for individually authorizing and controlling 
application loading . 

10 

Claim 12 (Original) Method of claim 10 wherein the authorization 
can be granted after the card has been placed in circulation. 

Claim 13 (Original) Method of claim 10 wherein the Card Issuer 
15 maintains a reversionary ownership interest in the card such that 
applications can be inactivated or removed. 

Claim 14 (Canceled) 

20 Claim 15 (Canceled) 

Claim 16 (Canceled) 
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